by J. Orlin Grabbe

While Agha Hassan Abedi carried on a crusade to develop a Pakistani
nuclear capability through the tentacles of his global bank--the Bank of
Credit and Commerce International (BCCI)--BCCI itself played a key role in
U.S. intelligence gathering. It did so by providing financial services to
arms dealers and associated terrorists. Financial information about who
was paying whom, presented a fairly clear picture about what was taking
place in the purchase and movement of armaments and strategic technology.

If, for example, a check was drawn on the Sitico account at BCCI
Luxembourg and deposited in, say, Raytheon's account at Bank XYZ in Dallas,
then this information could be combined with the knowledge that Sitico was
an Iraqi front company, and an analyst might conclude that Iraq was purchasing
spare parts for the HAWK. Of course, few (if any) financial transactions
would be this straight forward, so considerable effort would be needed to
trace the flow of money. (This was especially true considering that some of
BCCI's accounts were kept in longhand and written in Urdu.)

But, looking forward, the loss of BCCI did considerable damage to
the process of intelligence collection for:

"The greatest concern of U.S. decisionmakers in upcoming years
is likely to be restricting the spread of advanced military
technologies--particularly nuclear, chemical, biological, and
ballistic missile technologies--and preventing the use of such
technologies as have been acquired. These tasks will require
monitoring the pursuit and application of those technologies by
a number of countries--including Israel, India, Pakistan, Iran,
Iraq, and North Korea. In addition to monitoring within-country
activities, attention will have to be directed toward the licit
and illicit international supply of various components of those
technologies" (Jeffrey T. Richelson, The U.S. Intelligence
Community, 3rd edition, Westview Press, 1995).

Moreover, the vast amounts of banking and financial data being sucked
in and stored for analysis by the NSA mandated a separate facility to analyze
and process the data. The volume of financial data was already taxing NSA
resources. (NSA's data processing capacity has been recently expanded
through installation of the world's third fastest supercomputering center
[according to rating criteria that may, or may not, be valid]. The center
is located at E-Systems of Dallas, Texas, a company that was purchased in
April 1995 by Raytheon for $2.3 billion.)

These concerns, and others, led to the creation of FinCEN, located
in Vienna, Virginia. Because FinCEN was established as a unit of the U.S.
Treasury, NSA's COMINT and ELINT could be combined with domestic sources of
information, including information from the Federal Reserve and the
Treasury's own data bases, which included various types of financial, tax,
and customs information. It also meant the merger of foreign and domestic
intelligence. As one cypherpunk has noted, national borders are just speed
bumps on the information superhighway.

A November 1993 GAO report on FinCEN lists 84 positions (out of
207 staff members) referred to as "intelligence analysts", most of whom
come from the NSA. "FinCEN, planned as a hunter of tax-evaders, has become
a hunter of economic and financial secrets at home and abroad" (J. Michael
Springmann, "FinCEN--American Financial Intelligence Service,"
Unclassified, No. 33, Summer 1995.)

"And, it is clear from the March 29, 1995 draft of Clinton's
executive order on access to classified information, that
FinCEN's brief has been expanded. It will, in the future,
conduct security clearance investigations for all government
employees and contractors with access to classified information,
in the process examining their bank statements, credit
histories, and foreign travel records" (Springmann).

FinCEN now issues all regulations under the Banking Secrecy Act,
the basis of all U.S. money laundering legislation.

Section 5313 of the Banking Secrecy Act (BSA) requires a Currency
Transaction Report (CTR) of cash deposits or transactions of $10,000 and
above, which is IRS Form 4789, and a Currency Transaction Report by Casinos
(CTRC), which is IRS Form 8362. Section 5316 of BSA also requires a Currency
or Monetary Instrument Report (CMIR) for transport of $10,000 or more of
currency in or out of the U.S. This is Customs Form 4790. Section 5314(a)
of BSA requires reporting of foreign bank or financial accounts whose value
exceeds $10,000 at any time during the preceding year. This is called a
Foreign Bank Account Report (FBAR) and is Treasury form TDR 90-22-1.
Section 60501 of the IRS Code requires the reporting of business
transactions involving more than $10,000 cash. These are reported on IRS
Form 8300.

These and other forms are entered into the Treasury Financial Date
Base (TFDB) and become available on-line in the Treasury Enforcement
Communications System, TECS II. The TFDB data are processed through the
FinCEN Artificial Intelligence (AI) System, which is trained to identify
suspicious transaction patterns.

FinCEN's AI system has now been joined by thousands of
bio-intelligence (BI) systems also programmed to detect suspicious activity.
In 1992 Treasury (now operating through FinCEN) was given authority to issue
regulations on "suspicious transactions" reporting (Title 31, USC Sec.
5318(g)). Under this regulation, your banker (a BI system) is required to
report any suspicious behavior on your part. (So don't even think of
looking cross-eyed at him or her.)

Private companies are also jumping onto the AI bandwagon to build
products to analyze banking transactions:

". . . UK software company InterAcess Risk Management
has unveiled Syfact, a software package designed to analyse
the relationships between apparently unrelated accounts and
spot potential irregularities between them.

"The package can run through an entire bank's account
holders, allowing compliance officers to build a diagram
of laundering patterns of fraudulent activity, which,
InterAccess says, would normally take months to construct.

"The system logs suspicious transactions for investigation
against other events, either within the bank's own systems
or in collaboration with other organisations. It also is
designed to be used by criminal intelligence agencies for
the same purpose" ("Technology to aid and curb crime,"
Money Laundering Bulletin, July 1995).

FinCEN's director, Stanley Morris, has targeted Internet
banking and "cyberlaundering" as one of his top priorities.

"The term 'cyberspace' may send chills down the spines of many,
but money launderers are probably not among them. It is likely
they delight in the murky potential it provides for plying
their trade beyond the scrutiny of the government agents who
pursue them. . . .

So now money launderers join child pornographers, terrorists, conspiracy
theorists, and hacker-crackers in the government litany of alleged Internet
evils. To some extent, the apparent concern may be duplicitous. For the
NSA is heavily involved in several of the enterprises that are rushing to
become "cyberspace" banks. The NSA was late getting into the financial
services game, but it is now attempting to seize the initiative in the area
of its comparative advantage: information technology.

And in another respect, FinCEN's brief to catch money launderers
is certainly duplicitous. For who is better posed to run an undetected
money laundering operation than the FinCEN money laundering cops?

The integration of human, communications, and electronic intelligence
(HUMINT, COMINT, and ELINT) in FinCEN-type environments required the
construction of a common data base standard so that information could easily
be transferred between different agencies and different applications. The
standard that was decided on was originally implemented at the Justice
Department in a software system for federal prosecutors to keep track of the
vast amounts of data involved in a legal case. This was the PROMIS system
partly developed and enhanced through a contract between the Justice
Department and a Washington-D.C.-based firm called Inslaw.

This data standard, embodied in the PROMIS software, was implemented
at the Justice Department, the NSA, the CIA, and the NSC. PROMIS was also
sold to the Federal Emergency Management Agency to keep track of individuals
(in a data base called MAINCORE) who were to be rounded up and incarcerated
in the event of certain types of "national emergencies". It is also at the
heart of FinCEN's data collation efforts.

The PROMIS software--whether equipped with a Trojan horse and sold
to foreign intelligence organization, or similarly modified to spy on banking
transactions--provides the key to a scandal that links the covert collection
of data on individuals, money laundering in Arkansas and elsewhere, defense
payola around the nation, and nuclear espionage at the White House, to the
deaths of Danny Casolaro and Vince Foster.

INTERMISSION: POP QUIZ WITH RESPECT TO PREVIOUS
AND FUTURE POSTS

1. John Steuri, Chairman and CEO of Alltel Information Services
(formerly Systematics), says in a memo to Jim Norman, "We have
no present or prior relationship whatsoever with any company
called E-Systems." Is he willing to swear to this under oath?

2. If Caspar Weinberger's name is allegedly on account number
KPFBMMBODE at the Union Bank of Switzerland , then what six names
are allegedly on account number KPFBMMBODB at the same bank? Is the
name of a U.S. senator in any way linked to this second account
number?

3. Who was the president of Panama whose brother wrote a paper
"Panama as an International Banking Center" at the Wharton School
of the University of Pennsylvania under my supervision?

4. What major U.S. bank is in danger of losing the entirety of
its equity base because of money laundering and RICO violations?

5. What top Federal Reserve official is also involved in money
laundering?

6. What secret government communication division is located in
Manassas, Virginia? Why was one of their employees named Standorf
found beaten to death in his car at National Airport? Was it
because he had delivered to Danny Casolaro computer printouts that
showed the details of wire transfers from BCCI London and the World
Bank to accounts in the Cayman Islands and Switzerland? Did some of
these transfers represent payments to U.S. government officials for
sales of the PROMIS software to foreign governments?